This is a guest article written by Robert Mardisalu. The author’s views are entirely his own and may not reflect the views of IT Governance USA.
Cyber criminals are always looking for ways to lie, cheat, and steal their way to profit. Every day presents new methods of attack and new opportunities to exploit.
According to a World Economic Forum report, cyber crime damages will amount to a staggering $6 trillion by 2021.
In response, organizations invest more and more in cybersecurity. Navigant Research predicts that worldwide information security spending will grow from $1.8 billion in 2017 to $3.2 billion by 2026.
The thing is, cyber crime is a blanket term for the different types of threats, but each one has its own nuances and there are different ways to mitigate or avoid them.
Here are six threats you should be aware of and tips on how to stay safe.
Phishing attacks use social engineering and psychological manipulation to persuade a person to do something that the attacker wants.
According to CSO, these attacks account for more than 80% of reported security incidents. They come in the form of email or text messages, social media exploits, fake ads, and even seemingly legitimate websites.
However, some people either think they aren’t a target or that they can tell when they’re being phished.
The fact is, whether you’re the CEO of a corporation or a minimum-wage earner, anyone can be phished. To make matters worse, attackers can use AI in their phishing attacks.
How to avoid phishing attacks
Since phishing is a psychology-based attack, the first line of defense will always be human intelligence. If you receive an email or a text message that needs you to do something quickly or there’ll be negative repercussions, don’t panic and do some research.
The key thing to remember is if something is too good (or bad) to be true, it probably is.
Malwarebytes defines ransomware as malware that prevents users from accessing their systems or files and demands a ransom payment in order to regain access.
Attackers often spread ransomware through spam emails, malicious ads, and targeted attacks such as the WannaCry attack on UK hospitals in 2017.
It can cost a lot of money to recover your systems or data, with the average ransom demand being more than $40,000.
This increase was brought about by attackers moving from spam attacks to more focused ransomware attacks.
Some ransomware groups will attack medical organizations – even the ones trying to develop a vaccine for the coronavirus pandemic. This was the case with the Maze ransomware group’s attack on a UK medical research company in March this year.
How to avoid ransomware attacks
You can use the same tips to avoid phishing to avoid personal ransomware attacks through spam email. To avoid targeted ransomware attacks, you’ll need to invest in a cybersecurity program.
Malwarebytes recommends one with real-time protection designed to thwart advanced malware attacks such as ransomware.
It should also shield vulnerable programs from threats (an anti-exploit technology) as well as block ransomware from holding files hostage.
3. Mobile attacks
We use our phones every day for many purposes. From two-factor authentication to mobile banking to storing our sensitive information and conversations, our phones play a crucial role.
Cyber criminals know this too, hence the 50% increase in mobile banking malware in the first half of 2019.
Mobile attacks come in many forms, such as malicious software, smishing, spyware, and man-in-the-middle attacks. These problems are only made worse by the fact that mobile devices have unique challenges when it comes to security.
How to avoid mobile attacks
Since smishing attacks are a form of phishing attack, they can be avoided in the same way.
Official app stores scan their mobile apps before making them available, so you may want to download your apps from them. And avoid using public Wi-Fi (like the ones in hotels, coffee shops, and airports) without a VPN.
4. IoT attacks
The number of IoT (Internet of Things)-connected devices is slowly increasing each year. Add to that the new 5G technology that has yet to be fully secured and you’ve got a lot of potential problems.
FireEye’s annual threat report states that threat actors can enlist millions of compromised IoT devices to drive large-scale attacks.
IoT attacks are particularly problematic because they can affect things such as cell phones, computers, smart home devices, vehicles, pacemakers, and even construction cranes.
How to avoid IoT attacks
IoT attacks are harder to defend against because of the size of the attack surface. You’ll need to make a thorough inventory of all IoT-connected devices on your networks as well as the operating system they run.
These devices’ firmware has to be kept up to date to avoid possible exploits.
Consider installing a VPN on your router to secure all your home devices. You can also have a separate guest network if your router supports it, which allows visitors to access your Wi-Fi while having limited access to everything else.
5. Insider attacks
Insider attacks are one of the most difficult to prevent and discover. They come in the form of malicious attacks or human error. The key takeaway here is that the human element needs close monitoring.
These attacks have the potential to cause great losses both to your organization and the people relying on it. All it takes is one disgruntled employee or slip up when using a privileged account to trigger a massive data breach.
How to avoid insider attacks
An access policy of least privilege will always be one of the best ways of avoiding these attacks. This policy restricts what systems and IT resources a user can access to the minimum required for their job.
This therefore limits any damage caused by a compromised or abused employee account.
Also, remember to revoke whatever privileges were assigned to a compromised account to prevent it from being used again.
6. DDoS attacks
DDoS (distributed denial-of-service) attacks use multiple compromised systems, which are often infected with a Trojan, to target a single system.
This can come in the form of a traffic attack, bandwidth attack, or application attack.
DDoS attacks can paralyze whole operations and can impact both the targeted system as well as the systems that the attackers maliciously used in the attack. They can also be used to distract your cybersecurity team from a different attack.
How to avoid DDoS attacks
Developing an incident response plan is a must. This plan should include the creation of a systems checklist, formation of a response team, and definition of notification and escalation procedures, and a list of internal and external contacts to be informed about the attack.
Defending against a DDoS attack depends on the attack methodology. Volume-based attacks will need an increase in the capacity of the system to handle the fake bandwidth.
Protocol-based/application-layer DDoS attacks will need you to blacklist IP addresses that are identified as being part of a DDoS attack.
Finally, consider creating business continuity and disaster recovery plans to help minimize the impact of a DDoS attack.
Don’t ignore these threats
As we said at the beginning, cyber criminals keep looking for new ways to lie, cheat, and steal. As the damage they do increases, so do the costs to defend against their attacks.
Discover the latest threats and learn how to protect you and your organisation by subscribing to IT Governance’s Weekly Round-up.
This article was written by Robert Mardisalu.
He is the co-founder and editor of TheBestVPN.com, and a computer security professional, privacy specialist, and cybersecurity writer.